This feels like the DAO all over again.
The war for EIP 867
Another controversial proposal is sparking a word war within the Ethereum community. Ethereum Improvement Proposal or EIP 867, known as the Standardized Ethereum Recovery Proposal (ERP), seeks to enable the recovery of funds in special cases like hacks, exploits, and loss of funds due to bugs in smart contracts. Deploying the functionality would warrant a hard fork
One of the developers of the proposal is James Levy, a developer who created a smart contract publishing tool called Mintchalk in 2014. Levy was lauded by Ethereum founder Vitalik Buterin on Reddit, and he was awarded with 40,000 ETH for his work. But he lost his funds within three weeks after a hacker was able to steal his ether reportedly due to a weak passphrase. Back then, his ether was worth around $35,000. Today, it’s worth over $35 million.
Levy is not alone. In November last year, multisignature wallet Parity suffered a bug that froze around $285 million worth of ETH at the time, simply due to an accidental kill command.
But users are rejecting the proposal, just like they did when the DAO suffered Ethereum’s first historical, big-time heist. Users pointed out that undoing the heist is a violation of the code’s promise of immutability. They believe the DAO should suffer the consequences of their own negligence—some say that the DAO team were made aware of the vulnerability in their smart contract but they proceeded with the ICO anyway because—money.
During the DAO incident, the proposal for a hard fork to undo the heist pushed through, giving birth to Ethereum Classic (ETC) for those who maintained that they should not be bailed out. But the value of ETH plummeted and did not recover the entire year, and the DAO eventually collapsed anyway.
Similarly, users are now pointing out the motto “code is law,” and that deploying Levy’s proposal is a violation of the code’s immutability pledge. And it looks like this hard fork proposal won’t be as lucky as the DAO’s this time around.
No bail-out this time around
Should Ethereum retrieve funds lost due to buggy smart contracts, or should devs be held accountable for negligence—but then leave their investors to suffer the losses? This question has been floating around in the Ethereum community for years now, and it obviously cannot be swept under the rug. It seems hacks and exploits are a regular thing for Ethereum, a downside of its openness to new developers—regardless of whether they actually know what they’re doing or not.
In the realm of traditional businesses, it is not common to launch software to the public unless it’s security is airtight. And in cases where an oversight happens, the company can be legally held liable for whatever damages their customers and investors incur as a result of their error. In the blockchain industry, it being in its infancy stage, these liabilities are not clear-cut.
Nevertheless, even Buterin doubts that any bail-outs will happen this time around.
“Not sure where this meme that ethereum is ‘trying to’ adopt EIP 867 came from; as far as I can tell it’s not going anywhere and most of the community has rejected it,” Buterin commented on a Reddit thread.
He also clarifies that the DAO did not set a precedent to subsequent bail-outs, as demonstrated by the community’s rejection of the proposal, which he Tweeted a link to.
To those who thought that the DAO fork set an unbounded slippery slope and lasting precedent, I encourage you to see the reactions on this thread: https://t.co/EvoNKH2nsR
— Vitalik Buterin (@VitalikButerin) February 16, 2018